package javax.core.spring.security.service;

import com.google.gson.Gson;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Primary;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

import javax.core.security.AuthorizationManager;

@Primary
@Component
public class TokenAuthorizeManager implements AuthorizationManager {
    // 默认的 session 超时时间五分钟
    public static final Long DEFAULT_SESSION_TIMEOUT = 300000L;
    // 存放用户session的 redis前缀， key 为 PREFIX_CURRENT_USER + token
    public static final String PREFIX_CURRENT_USER = "micro:session:token:";
    public static final String PREFIX_USER_DETAIL = "user:detail:";

    @Autowired
    private SecuritySessionManager SecuritySessionManager;
    Gson gson = new Gson();

    @Override
    public Object authorize(String token) {
        if (StringUtils.isEmpty(token)) {
            return null;
        }
        return SecuritySessionManager.loadPrincipalByToken(token);
    }
}
